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DETAILED ACTION 



1. This action is responsive to the application filed on May 31 , 2002. Claims 1-20 
are pending. Claims 1-20 represent managing access control within system topologies 
using canonical access control representations. 

2. Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, 
manufacture, or composition of matter, or any new and useful improvement 
thereof, may obtain a patent therefor, subject to the conditions and requirements 
of this title. 

Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Applicant discloses the medium as a 
"modulated carrier signal". 

To overcome this type of 101 rejection the claim need to be amended to include only 
the physical computer media and not a transmission media or other intangible or 
non-functional media. For the specification at the bottom, carrier medium and 
transmission media would be not statutory but storage media would be statutory. 
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3. Allowable Subject Matter 

Claims 2, 5-1 1 and 13 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 

4. Claim Rejections - 35 USC § 102 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent 
by another filed in the United States before the invention thereof by the applicant 
for patent, or on an international application by another who has fulfilled the 
requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before 
the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
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Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AlPA 35 U.S.C. 102(e)). 

5. Claims 1, 3, 4, 12 and 14-20 are rejected under 35 U.S.C. 102(e) as being 
unpatentable over Shandony U.S. 6,675,261. 

Shandony teaches the invention as claimed including request based caching of 
data store data. 

As to claim 1, 14 and 19, Shandony teaches a method, a system and an article of 
manufacture comprising: 

A computer readable medium (figure 3, item 140) 

A plurality of accessibles within a topology accessible via at least one access 
control method (column 5, lines 51-53, Shandony discloses Web Server 18 provides an 
end user with access to various resources (i.e. accessibles) via network 16); 

A plurality of accessors within the topology, each accessor having a 
predetermined level of access to each of one or more of the plurality of accessibles via 
one or more of the at least one access control method; and, a computer-readable 
medium storing data representing a mathematically canonical representation of access 
of the plurality of accessors to the plurality of accessibles, the representation including 
at least one zone, each zone specifying one or more of the plurality of accessors 
having access to one or more of the plurality of accessibles (column 6, lines 58-60, 
Shandony discloses Web Gate 28 intercepts requests from users for resources 22 and 
24, and authorizes them via Access Server 34), 

The canonical representation satisfying a plurality of constraints comprising: 

A first constraint specifying that, for each zone, each of the one more accessors 
of the zone has identical access to each of the one or more accessibles of the zone 
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(column 7, lines 64-66, Shandony discloses Group Manager 44 manages groups of 
users who need identical access privileges to a specific resource or set of resources); 

A second constraint specifying that each of the plurality of accessibles belongs to 
no more than one of the at least one zone (column 5, lines 59-61, Shandony discloses 
resource 22 is external to Web Server 18 but can be accessed through Web Server 18. 
Resource 24 is located on Web Server 18); and 

A third constraint specifying that the at least one zone encompass largest sets of 
the plurality of accessors that satisfy the first and the second constraints (figure 1). 

As to claim 3, Shandony teaches the method of claim 1 , wherein determining the 
set of accessor-accessible pairs comprises determining each accessor-accessible pair, 
the accessor of each accessor-accessible pair having the predetermined level of access 
to the accessible of the accessor-accessible pair within the system topology according 
to each of one or more access control methods (column 7, lines 20-29, Shandony 
discloses determination of access privileges). 

As to claim 4, Shandony teaches the method of claim 1 , further comprising 
restoring access control of the accessors and accessibles within the system topology 
from a current configuration of the mathematically canonical set of zones to a target 
configuration of a second mathematically canonical set of zones (column 19, lines 42- 
46, Shandony discloses the Master Identity Administrator can configure access 
controls). 

As to claim 12, Shandony teaches the method of claim 1 , further comprising 
comparing a first configuration of the mathematically canonical set of zones to a second 
configuration of a second mathematically canonical set of zones (figure 67, item 2702). 

As to claim 15, Shandony teaches the system of claim 14, further comprising a 
console by which the access of the plurality of accessors to the plurality of accessibles 
as represented by the mathematically canonical representation is manageable (figure 
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8). 

As to claim 16, Shandony teaches the system of claim 15, wherein the console is 
one of the plurality of accessors (figure 8 (i.e. the user manger is an "accessor")- 

As to claim 17, Shandony teaches the system of claim 15, wherein the console 
permits a current configuration of the mathematically canonical representation to be 
restored to a target configuration of a second mathematically canonical representation 
(figure 8, item 416 or the configuration tab). 

As to claim 18, Shandony teaches the system of claim 14, wherein the topology 
comprises one of: a storage-area network, and a communications network (figure 2). 

As to claim 20, Shandony teaches the article of claim 19, wherein the medium is 
one of a recordable data storage medium and a modulated carrier signal (figure 2). 

6. Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to El Hadji M Sail whose telephone number is 571-272- 
4010. The examiner can normally be reached on 8:00-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on 571-272-4001. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
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Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

El Hadji Sail 
Patent Examiner 
Art Unit: 2157 
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